Flow based containerized honeypot approach for network traffic analysis: An empirical study
Computer Science Review (IF 12.9), Pub Date: 2023-10-28, DOI: 10.1016/j.cosrev.2023.100600
Sibi Chakkaravarthy Sethuraman, Tharshith Goud Jadapalli, Devi Priya Vimala Sudhakaran, Saraju P. Mohanty

The world of connected devices has been attributed to applications that rely upon a multitude of devices to acquire and distribute data over extremely diverse networks. This has caused a plethora of potential threats. In the field of IT security, the concept of digital baits, or honeypots, which are typically network components (computer systems, access points, or switches) launched to be probed, attacked, and compromised, is currently popular as it allows scientists to better comprehend attack patterns and behavior. Combining the inherent modularity with the administration enabled by the container makes security management simple and permits dispersed deployments, resulting in a very dynamic system. This study delivers several contributions in this regard. First, it comprehends the patterns, methods, and malware types that container honeypots deal with, thus examining new developments in existing honeypot research to fill gaps in knowledge about honeypot technology. A broad range of independently initiated and jointly conducted container honeypot strategies and studies that encompass various methodologies is surveyed. Second, using numerous use cases that aid scientific research, we address and investigate a number of challenges pertaining to container honeypots, such as identification problems, honeypot security issues, and dependability issues. Furthermore, based on our extensive honeypot research, we developed VIKRANT, a containerized research honeypot which assists researchers as well as enthusiasts in generating real-time flow data for threat intelligence. The configured approach was monitored, resulting in several data points that allowed relevant conclusions about the malevolent users’ activities.




Updated: 2023-11-02